Adware/TSUploader ~ Amzkomp Virus Information

Risk Assessment:	Home Low \| Corporate Low
Date Discovered:	11/14/2013
Date Added:	21/12/2013
Origin:	Unknown
Length:	322144
Type:	Program
Subtype:	-
DAT Required:	7258

File Properties	Property Values
Amzkomp Detection	Adware/TSUploader
Length	322144 bytes
MD5	9e33fe73d8175433069cbd7d6a005fe1
SHA1	4c6de9415e913b75d135b4fefdf19030314d1ce7

Other Common Detection Aliases

Company Names	Detection Names
avast	Win32:InstalleRex-AI [PUP]
AVG (GriSoft)	Generic.2EF.
avira	ADWARE/InstallRex.Gen
Kaspersky	not-a-virus:Downloader.Win32.AdLoad.fwz
clamav	PUA.Win32.Packer.SetupExeSection
Dr.Web	Adware.Downware.1252
FortiNet	Riskware/Adload
Eset	Win32/InstalleRex.L application
panda	Adware/TSUploader
rising	Trojan.InstallRex!562A
McAfee	RDN/Generic PUP.x!bm3

System Changes

Some path values have been replaced with environment variables as the exact location may vary with different configurations.
e.g.
%WINDIR% = \WINDOWS (Windows 9x/ME/XP/Vista/7), \WINNT (Windows NT/2000)
%PROGRAMFILES% = \Program Files

The following files were analyzed:

4C6DE9415E913B75D135B4FEFDF19030314D1CE7

	The following files have been added to the system:
	%TEMP%\{D814EF2B-7906-457A-A791-312403F7CDDD}\Readme.txt %TEMP%\{D814EF2B-7906-457A-A791-312403F7CDDD}\Custom.dll %TEMP%\~DF5CE1.tmp %TEMP%\{D814EF2B-7906-457A-A791-312403F7CDDD}\Setup.ico %ALLUSERSPROFILE%\Application Data\InstallMate\6C0731FE\cfg\1.ini %TEMP%\{D814EF2B-7906-457A-A791-312403F7CDDD}\v_grey.jpg %TEMP%\{D814EF2B-7906-457A-A791-312403F7CDDD}\_Setup.dll %TEMP%\4C6DE9415E913B75D135B4FEFDF19030314D1CE7.log %TEMP%\{D814EF2B-7906-457A-A791-312403F7CDDD}\general_logo.jpg %TEMP%\{D814EF2B-7906-457A-A791-312403F7CDDD}\Setup.exe %TEMP%\TsuF7B0F4A7.dll

The following files have been added to the system:

%TEMP%\{D814EF2B-7906-457A-A791-312403F7CDDD}\Readme.txt

%TEMP%\{D814EF2B-7906-457A-A791-312403F7CDDD}\Custom.dll

%TEMP%\~DF5CE1.tmp

%TEMP%\{D814EF2B-7906-457A-A791-312403F7CDDD}\Setup.ico

%ALLUSERSPROFILE%\Application Data\InstallMate\6C0731FE\cfg\1.ini

%TEMP%\{D814EF2B-7906-457A-A791-312403F7CDDD}\v_grey.jpg

%TEMP%\{D814EF2B-7906-457A-A791-312403F7CDDD}\_Setup.dll

%TEMP%\4C6DE9415E913B75D135B4FEFDF19030314D1CE7.log

%TEMP%\{D814EF2B-7906-457A-A791-312403F7CDDD}\general_logo.jpg

%TEMP%\{D814EF2B-7906-457A-A791-312403F7CDDD}\Setup.exe

%TEMP%\TsuF7B0F4A7.dll

	The following files were temporarily written to disk then later removed:
	%TEMP%\6C0731FE.dat %TEMP%\down.1372.1.ini.part %TEMP%\down.1372.v_grey.jpg.part %TEMP%\down.1372.general_logo.jpg.part

The following files were temporarily written to disk then later removed:

%TEMP%\6C0731FE.dat

%TEMP%\down.1372.1.ini.part

%TEMP%\down.1372.v_grey.jpg.part

%TEMP%\down.1372.general_logo.jpg.part

	The applications attempted the following network connection(s):
	198.7.61.*:80 hxxp://r1.stylezip.info/***

The applications attempted the following network connection(s):

198.7.61.***:80

hxxp://r1.stylezip.info/*****

Amzkomp Virus Information

Amzkomp Security Essentials Version 1.0.1

Amzkomp Security Essentials Version 1.0.1

Amzkomp Security Essentials Version 1.0.1

Amzkomp Security Essentials Version 1.0.1

Amzkomp Security Essentials Version 1.0.1

Amzkomp Security Essentials Version 1.0.1

Jumat, 20 Desember 2013

Adware/TSUploader

0 komentar:

Posting Komentar

Most Viewed

Mengenai Saya

Arsip Blog

Blog Archive

Blogroll

About